Mobile Security Alert: CERT-In Flags Risks in Top Brands

The Indian Computer Emergency Response Team (CERT-In) has discovered security flaws in high-profile smartphone brands, including Samsung, Apple, and Google Pixel devices. After carefully analyzing these devices' security features, CERT-In has identified certain possible weaknesses that can jeopardize user privacy and data.

The CERT-In advisory highlights significant concerns for iPhone users, indicating a security flaw that could be exploited by malicious entities. This revelation is particularly alarming given Apple's reputation for robust security measures. The advisory urges users to update their iOS devices promptly, emphasizing the critical role of regular software updates in safeguarding against potential threats.

Samsung and Google Pixel phones are not exempt from security scrutiny, as CERT-In identified vulnerabilities in these Android-based devices as well. The CERT-In advisory underscores the importance of staying vigilant and promptly applying security patches and updates provided by the respective manufacturers. This is a reminder that even leading Android devices are not immune to potential security risks.

The timing of these warnings is crucial, considering the increasing reliance on smartphones for personal and professional activities. Mobile devices have become integral to our daily lives, storing sensitive information and facilitating online transactions. Any compromise in the security of these devices can have far-reaching consequences for users.

As cybersecurity threats continue to evolve, both manufacturers and users need to prioritize security measures. CERT-In's warnings underscore the need for proactive steps in identifying and addressing potential vulnerabilities before they can be exploited by malicious actors.

In response to the CERT-In advisory, Apple and Samsung have assured users that they are actively working to address the identified security flaws. Apple, known for its commitment to user privacy, has pledged swift action to resolve the issues outlined by CERT-In. Samsung, too, has expressed its dedication to ensuring its users' security and promised timely updates to mitigate the identified risks.

Cybercriminals use techniques that evolve along with technology. The CERT-In alerts are a timely reminder that users should prioritize the security of their mobile devices. When it comes to preserving the integrity and security of smartphones, manufacturers' regular updates and patches are essential. Protecting our personal and business data while navigating the digital landscape requires us to be vigilant and knowledgeable about potential security threats.

Securing Generative AI: Navigating Risks and Strategies

The introduction of generative AI has caused a paradigm change in the rapidly developing field of artificial intelligence, posing both unprecedented benefits and problems for companies. The need to strengthen security measures is becoming more and more apparent as these potent technologies are utilized in a variety of areas.
  • Understanding the Landscape: Generative AI, capable of creating human-like content, has found applications in diverse fields, from content creation to data analysis. As organizations harness the potential of this technology, the need for robust security measures becomes paramount.
  • Samsung's Proactive Measures: A noteworthy event in 2023 was Samsung's ban on the use of generative AI, including ChatGPT, by its staff after a security breach. This incident underscored the importance of proactive security measures in mitigating potential risks associated with generative AI. As highlighted in the Forbes article, organizations need to adopt a multi-faceted approach to protect sensitive information and intellectual property.
  • Strategies for Countering Generative AI Security Challenges: Experts emphasize the need for a proactive and dynamic security posture. One crucial strategy is the implementation of comprehensive access controls and encryption protocols. By restricting access to generative AI systems and encrypting sensitive data, organizations can significantly reduce the risk of unauthorized use and potential leaks.
  • Continuous Monitoring and Auditing: To stay ahead of evolving threats, continuous monitoring and auditing of generative AI systems are essential. Organizations should regularly assess and update security protocols to address emerging vulnerabilities. This approach ensures that security measures remain effective in the face of rapidly evolving cyber threats.
  • Employee Awareness and Training: Express Computer emphasizes the role of employee awareness and training in mitigating generative AI security risks. As generative AI becomes more integrated into daily workflows, educating employees about potential risks, responsible usage, and recognizing potential security threats becomes imperative.
Organizations need to be extra careful about protecting their digital assets in the age of generative AI. Businesses may exploit the revolutionary power of generative AI while avoiding associated risks by adopting proactive security procedures and learning from instances such as Samsung's ban. Navigating the changing terrain of generative AI will require keeping up with technological advancements and adjusting security measures.

Guidelines on What Not to Share with ChatGPT: A Formal Overview

 


A simple tool like ChatGPT has unbelievable power, and it has profoundly changed the way we interact with computers. There are, however, some limitations that are important to understand and bear in mind when using it.

With ChatGPT, OpenAI has seen a massive increase in revenue resulting from a massive increase in content. There were 10 million dollars of revenue generated by the company every year. It, however, grew from 1 million dollars in to 200 million dollars in the year 2023. Revenue is expected to increase to over one billion dollars by the end of 2024.

ChatGPT includes a wide array of algorithms powerful enough to generate any text users want, from a simple math sum to a complex rocket theory question. It can do them all and more! As chatbots powered by artificial intelligence become more prevalent, it is crucial to acknowledge both the advantages they offer and their shortcomings.

To be successful with AI chatbots, it is essential to understand that there are certain inherent risks associated with their use, such as the potential for cyber attacks and privacy issues.  A major change in Google's privacy policy recently made it clear that the company is considering providing its AI tools with the data that it has collected from web posts to train those models and tools.  

It is equally troubling that ChatGPT retains chat logs to improve the model and the uptime of the service. There is still a way to address this concern: do not share certain information with chatbots that are based on artificial intelligence. Jeffrey Chester, executive director of the Center for Digital Democracy, an organization dedicated to digital rights advocacy, stated that consumers should view these tools with suspicion at least, since, as with so many other popular technologies, they are all heavily influenced by the marketing and advertising industries.

The Limits Of ChatGPT 


When the system is not enabled for browsing (which is a requirement for ChatGPT Plus), it generates responses based on the patterns and information it learned during training, which covered a range of internet texts up to its training cut-off in September 2021.

Despite that, it cannot understand context the way people do, and it does not "know" anything in the human sense. ChatGPT is famous for giving impressive and relevant responses a great deal of the time, but it is not infallible. The answers it produces can be incorrect or unintelligible for several reasons.

Its proficiency largely depends on the quality and clarity of the prompt given. 

1. Banking Credentials 


The Consumer Financial Protection Bureau (CFPB) published a report on June 6 about the limitations of chatbot technology as the complexity of questions increases. According to the report, implementing chatbot technology could result in financial institutions violating federal consumer protection laws.

According to the Consumer Financial Protection Bureau (CFPB), the number of consumer complaints has increased due to a variety of issues that include resolving disputes, obtaining accurate information, receiving good customer service, seeking assistance from human representatives, and maintaining personal information security. In light of this fact, the CFPB advises financial institutions to refrain from solely using chatbots as part of their overall business model.  

2. Personally Identifiable Information (PII)


Whenever users share sensitive personal information that can be used to identify them, they need to be careful to protect their privacy and minimise the risk that it will be misused. The user's full name, home address, social security number, credit card number, and any other information that can identify them as an individual are included in this category. Protecting these sensitive details is paramount to ensuring privacy and preventing potential harm from unauthorised use.

3. Confidential information about the user's workplace


Users should exercise caution and refrain from sharing private company information when interacting with AI chatbots. It is crucial to understand the potential risks associated with divulging sensitive data to these virtual assistants. 

Major tech companies like Apple, Samsung, JPMorgan, and Google have even implemented stringent policies to prohibit the use of AI chatbots by their employees, recognizing the importance of protecting confidential information. 

A recent Bloomberg article shed light on an unfortunate incident involving a Samsung employee who inadvertently uploaded confidential code to a generative AI platform while utilizing ChatGPT for coding tasks. This breach resulted in the unauthorized disclosure of private information about Samsung, which subsequently led to the company imposing a complete ban on the use of AI chatbots. 

Such incidents highlight the need for heightened vigilance and adherence to security measures when leveraging AI chatbots. 

4. Passwords and security codes 


In the event that a chatbot asks you for passwords, PINs, security codes, or any other confidential access credentials, do not give them these things. It is prudent to prioritise your safety and refrain from sharing sensitive information with AI chatbots, even though these chatbots are designed with privacy in mind. 

For your accounts to remain secure and for your personal information to be protected from the potential of unauthorised access or misuse, it is paramount that you secure your passwords and access credentials.

In an age marked by the progress of AI chatbot technology, the utmost importance lies in the careful protection of personal and sensitive information. This report underscores the imperative necessity for engaging with AI-driven virtual assistants in a responsible and cautious manner, with the primary objective being the preservation of privacy and the integrity of data. It is advisable to remain well-informed and to exercise prudence when interacting with these potent technological tools.

Samsung Announces Second Customer Data Breach

Samsung, an industry leader in technology, electronics, and smartphone production, has reported a data breach in its systems. The company was hit by a cyberattack in late July 2022. In August, it discovered that a group of threat actors had accessed its systems and breached customers' personal data.

The hackers had access to Samsung customers’ personal details including contacts, product registration data, dates of birth, and demographic information. However, the company said that the Social Security or credit card numbers were safe from the security breach. 

“In late July 2022, an unauthorized third party acquired information from some of Samsung’s U.S. systems. On or around August 4, 2022, we determined through our ongoing investigation that the personal information of certain customers was affected. We have taken actions to secure the affected systems, and have engaged a leading outside cybersecurity firm and are coordinating with law enforcement...” 

“…We want to assure our customers that the issue did not impact Social Security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information,” reads a notice published by the company. 

The company further added that the information exposed may vary for each relevant customer. It has started notifying impacted customers and has advised them to remain cautious of any unrecognized and illegal communications that ask for their personal credentials or refer them to a web page asking for personal information. Customers should also review their accounts for suspicious and unsolicited activity, and avoid clicking on links or downloading attachments from unrecognized and suspicious emails.

The company has become one of the most recognizable names in technology and produces industry electronics, including appliances, digital media devices, memory chips, semiconductors, and integrated systems. The company produces a fifth of South Korea's total exports. 

Furthermore, Samsung claims to have detected the vulnerability in the system caused by the attack and to have taken measures to secure the impacted systems. Also, the company hired a leading cybersecurity firm to investigate the matter and report it to law enforcement.

LAPSUS$ Group Targets SuperCare Health

 


SuperCare Health, a California-based respiratory care provider, has revealed a data breach that exposed the personal details of over 300,000 patients. Someone had access to specific systems between July 23 and July 27, 2021. By February 4, the company had assessed the scope of the data breach, learning the attackers had also acquired patient files including sensitive personal information such as:
  • Names, addresses, and birth dates.
  • Hospital or medical group.
  • Health insurance details, patient account number, and medical record number.
  • Data about one's health, such as diagnostic and treatment information. 
  • A small number of people's Social Security numbers and driver's license information were also revealed. 

"We have no reason to suspect any information was published, shared, or misused," according to SuperCare Health, but all possibly impacted patients should take extra security precautions to avoid identity theft and fraud. 

On March 25, the company notified all affected customers and implemented extra security steps to prevent future breaches. The breach has affected 318,379 people, according to the US Department of Health and Human Services. Based on the number of people affected, this is presently among the top 50 healthcare breaches disclosed in the last two years. SuperCare Health further said, "We have reported the event to a Federal Bureau of Investigation and it will cooperate to help us identify and prosecute those involved."

In the last several months, several healthcare institutions have revealed massive data breaches. Monongalia Health System (400,000 people affected), South Denver Cardiology Associates (287,000 people affected), Norwood Clinic (228,000 people affected), and Broward Health (228,000 people affected) are among the organizations on the list (1.3 million). 

Last week, the Health Department issued an advisory to healthcare groups, warning companies about the impact of a major cybercrime attack by the Lapsus$ cybercrime group. In recent months, the hackers have targeted Samsung, NVIDIA, Vodafone, Ubisoft, Globant, Microsoft, and Okta, among others. The organization takes information, often source code, and threatens to release it unless they are paid.

LAPSUS$ steals confidential information from organizations which have been hacked, then threatens to disclose or publish the information if the requested amount is not paid. The LAPSUS$ extortion ring, on the other hand, has abandoned the typical ransomware strategies of file encryption and computer lockout. 

According to the notice, the Health Department is aware of healthcare institutions which have been hacked as a result of the Okta attack; Okta has verified that more than 300 of its clients have been affected by the breach. In the light of the incident, Police in the United Kingdom have identified and charged several accused members of the Lapsus$ gang.

Thousands of Secret Keys Discovered in Leaked Samsung Source Code

 

Thousands of secret keys were exposed in the recently stolen Samsung source code, according to an analysis, including several that might be extremely beneficial to nefarious actors. GitGuardian, a business that specialises in Git security scanning and secret detection, conducted the research. 

The firm's analysts examined source code that was recently stolen by a cybercrime outfit known as Lapsus$. In recent weeks, the hackers claim to have hacked into several large corporations, including NVIDIA, Samsung, Ubisoft, and Vodafone. They appear to have acquired source code from the victims in numerous cases, some of which have been made public. Cybercriminals claim to have stolen 190 GB of data from Samsung, and the tech giant has verified that the hacked data contained the source code of Galaxy devices. 

More than 6,600 secret keys were discovered during GitGuardian's analysis of the exposed Samsung source code, including private keys, usernames and passwords, AWS keys, Google keys, and GitHub keys. The number of valid keys revealed is yet to be determined by the firm's researchers. However, 90 percent are likely related to internal systems, which may be more difficult for an attacker to use, according to their research. The remaining keys, which number around 600, can give attackers access to a wide range of systems and services. 

“Of the more than 6,600 keys found in Samsung source code roughly 90% are for Samsung's internal services and infrastructure, whilst the other 10%, critically, could grant access to Samsung's external services or tools such as AWS, GitHub, artifactory and Google,” explained Mackenzie Jackson, developer advocate at GitGuardian. 

The exposure of specific keys, according to Casey Bisson, head of product and developer relations at code security firm BluBracket, might lead to the TrustZone environment on Samsung devices being hacked. Researchers are yet to determine whether the revealed keys undermine the TrustZone, which holds sensitive data like fingerprints and passwords and acts as a security barrier against Android malware attacks. 

Bisson told SecurityWeek, “If the leaked data allows the malware to access the TrustZone environment, it could make all data stored there vulnerable. If Samsung has lost control of the signing keys, it could make it impossible for Samsung to securely update phones to prevent attacks on the TrustZone environment. Compromised keys would make this a more significant attack than Nvidia, given the number of devices, their connection to consumers, and amount of very sensitive data that phones have.”

GitGuardian reviewed the source code leaked from Amazon's live streaming service Twitch, from which hackers obtained and made public around 6,000 internal Git repositories, a few months ago. AWS keys, Twilio keys, Google API keys, database connection strings, and GitHub OAuth keys were among the secrets found by GitGuardian in those repositories.

Hackers Expose 190GB of Alleged Samsung Data

 

The hackers who exposed secret information from Nvidia have now turned their attention to Samsung. The hacker group known as Lapsus$ is suspected of taking 190GB of data from Samsung, including encryption and source codes for many of the company's new devices.

On Saturday, hackers launched an attack on Samsung, leaking critical data collected through the attack and making it accessible via torrent. The hackers shared the complete data in three sections in a note to their followers, as seen by Bleeping Computer, along with a text file that details the stuff available in the download. 

The exposed material includes "source code from every Trusted Applet" installed on every Samsung smartphone, as per the message. It also includes "confidential Qualcomm source code," algorithms for "all biometric unlock operations," bootloader source code for the devices, and source codes for Samsung's activation servers and Samsung account authentications, including APIs and services. 

In short, the Lapsus$ attack compromised critical data from Samsung's GitHub: mobile defence engineering, Samsung account backend, Samsung pass backend/frontend, and SES, which includes Bixby, SmartThings, and store.

The attack on Samsung comes after the cyber organisation attempted to extort money from Nvidia in a ransom scheme. It's worth noting that it's not a straightforward monetary request. Instead, the hackers have asked Nvidia to lift the restriction on Ethereum cryptocurrency mining that it has placed on its Nvidia 30-series GPUs. Nvidia's GPU drivers must be open-sourced forever, according to the hackers. 

The hackers are plainly looking for money from the disclosed data, as evidenced by the updates. For $1 million, one of them promised to sell anyone a bypass for the crypto nerf on Nvidia GPUs. Another communication from the group, according to The Verge, claimed that instead of making the data public, they are attempting to sell it straight to a buyer. 

Last Monday, Nvidia confirmed the breach, acknowledging a leak of "employee credentials" and "proprietary information." It, on the other hand, disputed that the attack was linked to the ongoing Russia-Ukraine crisis and claimed that the cyberattack would have no impact on its operations. 

As of now, there are no reports of Lapsus$ demanding a similar ransom from Samsung. If they do, however, Samsung is likely to suffer a significant setback, especially given the type of data that the hacking group now claims to have access to.

Samsung Delivered 100 Million Phones with Faulty Encryption

 

Samsung is thought to have shipped 100 million smartphones with flawed encryption, including models ranging from the 2017 Galaxy S8 to last year's Galaxy S21. Tel Aviv University researchers discovered "serious" cryptographic design defects that might have allowed attackers to steal the devices' hardware-based cryptographic keys, keys that unlock the vast trove of security-critical data present in smartphones. 

To keep crucial security operations isolated from normal apps, Android devices, which almost all employ Arm-compatible silicon, rely on a Trusted Execution Environment (TEE) backed by Arm's TrustZone technology. TEEs use their own operating system, TrustZone Operating System (TZOS), and it is up to suppliers to integrate cryptographic features within TZOS. 

According to the researchers, the Android Keystore provides hardware-backed cryptographic key management via the Keymaster Hardware Abstraction Layer (HAL). Samsung implemented the HAL with Keymaster TA, a Trusted Application running in the TrustZone that performs cryptographic activities such as key generation, encryption, attestation, and signature creation in a safe environment. The outcomes of these TEE crypto calculations can subsequently be used in apps that run in less secure Android environments. 

The Keymaster TA saves cryptographic keys as blobs — the keys are wrapped (encrypted using AES-GCM) so that they may be saved in the Android file system. They should, in theory, only be readable within the TEE. 

Samsung, however, failed to implement Keymaster TA correctly in its Galaxy S8, S9, S10, S20, and S21 phones. The researchers reverse engineered the Keymaster application and demonstrated that they could use an Initialization Vector (IV) reuse attack to extract keys from hardware-protected key blobs. The IV is supposed to be a unique value each time, ensuring that the AES-GCM encryption operation produces a different result even when the same plaintext is encrypted multiple times.
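Why a repeated IV is fatal for wrapped key blobs, as an added example (not code from this post, the researchers, or Samsung): it wraps two secrets under the same key and IV, shows that one known plaintext exposes the other, and includes the audit check and the fresh-IV correction. Assumptions: SHA-256 in counter mode stands in for the AES-CTR keystream that AES-GCM uses, the authentication tag is omitted, and the blob layout and all function names are hypothetical.

```python
import hashlib
import os
from collections import Counter


def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    """Stand-in for the CTR keystream inside AES-GCM (assumption: SHA-256 in
    counter mode replaces AES so only the standard library is needed).
    As with real CTR mode, the output is fully determined by (key, iv)."""
    blocks = (hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wrap(key: bytes, iv: bytes, material: bytes) -> dict:
    """Wrap key material with a caller-chosen IV (the weak pattern).
    Hypothetical blob layout: the IV is stored beside the ciphertext."""
    return {"iv": iv, "ct": xor(material, keystream(key, iv, len(material)))}


def wrap_fresh(key: bytes, material: bytes) -> dict:
    """Corrected pattern: the wrapper draws a new random 96-bit IV itself."""
    return wrap(key, os.urandom(12), material)


def leak_from_pair(known_blob: dict, known_material: bytes, other_blob: dict) -> bytes:
    """If both blobs share (key, iv), ct1 ^ ct2 == pt1 ^ pt2, so one known
    plaintext reveals the other without the wrapping key ever being used."""
    return xor(xor(known_blob["ct"], other_blob["ct"]), known_material)


def reused_ivs(blobs: list) -> list:
    """Audit check: IVs that occur in more than one blob under the same key."""
    counts = Counter(b["iv"] for b in blobs)
    return sorted(iv for iv, c in counts.items() if c > 1)


# Constructed sample values, not taken from any real device.
WRAPPING_KEY = bytes(range(32))
FIXED_IV = b"\x01" * 12
KNOWN = b"K" * 32
SECRET = bytes(range(100, 132))

if __name__ == "__main__":
    weak = [wrap(WRAPPING_KEY, FIXED_IV, KNOWN), wrap(WRAPPING_KEY, FIXED_IV, SECRET)]
    print("reused IVs:", reused_ivs(weak))
    print("secret exposed:", leak_from_pair(weak[0], KNOWN, weak[1]) == SECRET)
    safe = [wrap_fresh(WRAPPING_KEY, KNOWN), wrap_fresh(WRAPPING_KEY, SECRET)]
    print("reused IVs:", reused_ivs(safe))
    print("secret exposed:", leak_from_pair(safe[0], KNOWN, safe[1]) == SECRET)
```

With real AES-GCM a repeated IV additionally undermines the authentication tag, so the audit check applies to any store of blobs wrapped under one key.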

According to the experts, the problem isn't simply with how Samsung handled encryption. According to the Tel Aviv University study, these issues arise as a result of companies, specifically Samsung and Qualcomm, keeping their cryptography designs close to the vest.

“Vendors including Samsung and Qualcomm maintain secrecy around their implementation and design of TZOSs and TAs,” they wrote in their paper. “As we have shown, there are dangerous pitfalls when dealing with cryptographic systems. The design and implementation details should be well audited and reviewed by independent researchers and should not rely on the difficulty of reverse engineering proprietary systems.”